ePolicy Orchestrator Sustaining Statement (SSC1801301) - Missing HTTP Security headers
Last Modified: 2023-07-24 09:24:53 Etc/GMT
Affected Products
Languages:
This article is available in the following languages:
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
As of May 14, 2024, Knowledge Base (KB) articles will only be published and updated in our new Trellix Thrive Knowledge space.
Log in to the Thrive Portal using your OKTA credentials and start searching the new space. Legacy KB IDs are indexed and you will be able to find them easily just by typing the legacy KB ID.
ePolicy Orchestrator Sustaining Statement (SSC1801301) - Missing HTTP Security headers
Technical Articles ID:
KB90241
Last Modified: 2023-07-24 09:24:53 Etc/GMT Environment
ePolicy Orchestrator (ePO) 5.x
Summary
This document describes the support position of Sustaining Engineering relative to a Trellix application. Our response to missing HTTP Security Headers and CWE-693: Overview This document addresses concerns about missing HTTP Security headers reported by vulnerability scanners on ePO. Review additional information at CWE-693: Protection Mechanism Failure. Description Some vulnerability scanners might tag the HTTP ports 8443 and 8444 with the following vulnerability: QID 11827 - HTTP Security Header Not Detected PluginID 84502 - HSTS Missing From HTTPS Server The following headers are part of this vulnerability:
Engineering researched this finding and concluded that ePO is not vulnerable.
Disclaimer Any future product release dates mentioned in this statement are intended to outline our general product direction. They mustn't be relied on in making a purchasing decision:
Affected ProductsLanguages:This article is available in the following languages: |
|